1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | #ifndef _LINUX_USER_NAMESPACE_H |
3 | #define _LINUX_USER_NAMESPACE_H |
4 | |
5 | #include <linux/kref.h> |
6 | #include <linux/nsproxy.h> |
7 | #include <linux/ns_common.h> |
8 | #include <linux/sched.h> |
9 | #include <linux/workqueue.h> |
10 | #include <linux/rwsem.h> |
11 | #include <linux/sysctl.h> |
12 | #include <linux/err.h> |
13 | |
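/*
 * Size limits for an ID map (see struct uid_gid_map).
 * UID_GID_MAP_MAX_BASE_EXTENTS is the number of extents stored inline in
 * the map. UID_GID_MAP_MAX_EXTENTS is presumably the hard cap on extents
 * accepted for one map; the code that enforces it is not in this header.
 */
#define UID_GID_MAP_MAX_BASE_EXTENTS 5
#define UID_GID_MAP_MAX_EXTENTS 340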
16 | |
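/*
 * One contiguous range of an ID mapping.
 *
 * NOTE(review): the field meanings below are inferred from the names and
 * should be confirmed against the map parser. All three fields are u32, so
 * any "first + count" style arithmetic can wrap; this header performs no
 * validation, so range and overlap checks have to happen where a map is
 * parsed.
 */
struct uid_gid_extent {
	u32 first;		/* presumably first ID of the range inside the namespace */
	u32 lower_first;	/* presumably first ID it maps to in the parent */
	u32 count;		/* presumably number of consecutive IDs covered */
};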
22 | |
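/*
 * An ID mapping table: nr_extents entries, stored either inline or behind
 * two pointers that share the same storage through the anonymous union.
 *
 * NOTE(review): which union arm is live is not stated in this header.
 * Presumably nr_extents <= UID_GID_MAP_MAX_BASE_EXTENTS selects extent[]
 * and larger maps use forward/reverse -- confirm against the map writer.
 * Readers must decide from nr_extents before touching the union, because
 * the wrong arm would reinterpret extent data as pointers.
 */
struct uid_gid_map { /* 64 bytes -- 1 cache line */
	u32 nr_extents;
	union {
		/* inline storage for small maps */
		struct uid_gid_extent extent[UID_GID_MAP_MAX_BASE_EXTENTS];
		struct {
			/* presumably the same extents in two lookup orders -- confirm */
			struct uid_gid_extent *forward;
			struct uid_gid_extent *reverse;
		};
	};
};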
33 | |
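/*
 * Flag bit, presumably kept in user_namespace.flags and consulted by
 * userns_may_setgroups() -- the consumer is not in this header.
 */
#define USERNS_SETGROUPS_ALLOWED 1UL

/* Flag value a namespace starts with: the setgroups bit is set. */
#define USERNS_INIT_FLAGS USERNS_SETGROUPS_ALLOWED

/* Forward declaration; the full definition follows struct user_namespace. */
struct ucounts;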
39 | |
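/*
 * Index into user_namespace.ucount_max[] and ucounts.ucount[].
 *
 * UCOUNT_COUNTS is the array length and must stay last. The inotify and
 * fanotify entries exist only when their config options are set, so the
 * numeric value of every later enumerator (and of UCOUNT_COUNTS) depends
 * on the kernel configuration; never hard-code these indices.
 */
enum ucount_type {
	UCOUNT_USER_NAMESPACES,
	UCOUNT_PID_NAMESPACES,
	UCOUNT_UTS_NAMESPACES,
	UCOUNT_IPC_NAMESPACES,
	UCOUNT_NET_NAMESPACES,
	UCOUNT_MNT_NAMESPACES,
	UCOUNT_CGROUP_NAMESPACES,
	UCOUNT_TIME_NAMESPACES,
#ifdef CONFIG_INOTIFY_USER
	UCOUNT_INOTIFY_INSTANCES,
	UCOUNT_INOTIFY_WATCHES,
#endif
#ifdef CONFIG_FANOTIFY
	UCOUNT_FANOTIFY_GROUPS,
	UCOUNT_FANOTIFY_MARKS,
#endif
	UCOUNT_COUNTS,		/* number of entries, not a counter */
};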
59 | |
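/*
 * Index into user_namespace.rlimit_max[] and ucounts.rlimit[].
 * UCOUNT_RLIMIT_COUNTS is the array length and must stay last. The inline
 * accessors in this header index those arrays with a value of this type
 * without a range check, so callers must pass a real enumerator.
 */
enum rlimit_type {
	UCOUNT_RLIMIT_NPROC,
	UCOUNT_RLIMIT_MSGQUEUE,
	UCOUNT_RLIMIT_SIGPENDING,
	UCOUNT_RLIMIT_MEMLOCK,
	UCOUNT_RLIMIT_COUNTS,	/* number of entries, not a limit */
};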
67 | |
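/* Forward declaration so struct user_namespace can hold a pointer to it. */
#if IS_ENABLED(CONFIG_BINFMT_MISC)
struct binfmt_misc;
#endif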
71 | |
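/*
 * A user namespace: its ID mapping tables, its position in the namespace
 * hierarchy and its per-namespace limits.
 *
 * __randomize_layout opts the struct into structure-layout randomization
 * where that hardening option is enabled, so nothing may rely on member
 * order or offsets.
 */
struct user_namespace {
	/* uid, gid and project-id mapping tables of this namespace */
	struct uid_gid_map uid_map;
	struct uid_gid_map gid_map;
	struct uid_gid_map projid_map;
	struct user_namespace *parent;	/* enclosing namespace */
	int level;			/* presumably nesting depth -- confirm */
	kuid_t owner;			/* presumably the creator's kuid/kgid, */
	kgid_t group;			/* expressed in the parent -- confirm */
	/* ns.count is the reference count used by get_user_ns()/put_user_ns() */
	struct ns_common ns;
	unsigned long flags;		/* presumably USERNS_* bits -- confirm */
	/* parent_could_setfcap: true if the creator of this ns had CAP_SETFCAP
	 * in its effective capability set at the child ns creation time. */
	bool parent_could_setfcap;

#ifdef CONFIG_KEYS
	/* List of joinable keyrings in this namespace.  Modification access of
	 * these pointers is controlled by keyring_sem.  Once
	 * user_keyring_register is set, it won't be changed, so it can be
	 * accessed directly with READ_ONCE().
	 */
	struct list_head keyring_name_list;
	struct key *user_keyring_register;
	struct rw_semaphore keyring_sem;
#endif

	/* Register of per-UID persistent keyrings for this namespace */
#ifdef CONFIG_PERSISTENT_KEYRINGS
	struct key *persistent_keyring_register;
#endif
	struct work_struct work;	/* presumably deferred teardown -- confirm */
#ifdef CONFIG_SYSCTL
	/* per-namespace sysctl state; see setup/retire_userns_sysctls() */
	struct ctl_table_set set;
	struct ctl_table_header *sysctls;
#endif
	struct ucounts *ucounts;	/* presumably the creator's record -- confirm */
	/* ceilings, indexed by enum ucount_type and enum rlimit_type */
	long ucount_max[UCOUNT_COUNTS];
	long rlimit_max[UCOUNT_RLIMIT_COUNTS];

#if IS_ENABLED(CONFIG_BINFMT_MISC)
	struct binfmt_misc *binfmt_misc;
#endif
} __randomize_layout;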
114 | |
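/*
 * Accounting record that pairs a user namespace with a kuid and holds one
 * atomic counter per enum ucount_type and per enum rlimit_type.
 */
struct ucounts {
	struct hlist_node node;		/* hash-list linkage; the table is not in this header */
	struct user_namespace *ns;
	kuid_t uid;
	atomic_t count;			/* presumably the refcount behind get_ucounts()/put_ucounts() */
	atomic_long_t ucount[UCOUNT_COUNTS];
	atomic_long_t rlimit[UCOUNT_RLIMIT_COUNTS];
};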
123 | |
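/* The initial user namespace and the initial ucounts record (defined elsewhere). */
extern struct user_namespace init_user_ns;
extern struct ucounts init_ucounts;

/*
 * Per-namespace sysctl setup and teardown. The bool result of the setup
 * call must be checked (presumably false means failure -- confirm).
 */
bool setup_userns_sysctls(struct user_namespace *ns);
void retire_userns_sysctls(struct user_namespace *ns);

/*
 * Counter and lifetime API for struct ucounts; implementations are outside
 * this header, so the conventions below are to be confirmed there.
 * inc_ucount() and alloc_ucounts() return a pointer that callers should
 * treat as possibly NULL. get_ucounts() is __must_check: the returned
 * pointer, not the argument, is what the caller may go on to use.
 */
struct ucounts *inc_ucount(struct user_namespace *ns, kuid_t uid, enum ucount_type type);
void dec_ucount(struct ucounts *ucounts, enum ucount_type type);
struct ucounts *alloc_ucounts(struct user_namespace *ns, kuid_t uid);
struct ucounts * __must_check get_ucounts(struct ucounts *ucounts);
void put_ucounts(struct ucounts *ucounts);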
134 | |
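/*
 * Return the current value of one rlimit counter of @ucounts.
 *
 * This is a single atomic read of ucounts->rlimit[type]. Neither @ucounts
 * nor @type is validated: @ucounts must be non-NULL and @type must be a
 * real enumerator below UCOUNT_RLIMIT_COUNTS, otherwise the read is out of
 * bounds. The value is a snapshot and may change right after the read.
 */
static inline long get_rlimit_value(struct ucounts *ucounts, enum rlimit_type type)
{
	return atomic_long_read(&ucounts->rlimit[type]);
}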
139 | |
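/*
 * rlimit accounting on a ucounts record; implementations are outside this
 * header.
 *
 * NOTE(review): return conventions are not visible here and must be checked
 * at the definition before relying on them (for example what the long from
 * the inc_* calls means on overflow or when a limit is exceeded). The
 * counters are signed long while is_rlimit_overlimit() takes an unsigned
 * long @max, so callers should keep the signedness of a limit in mind when
 * comparing against it.
 */
long inc_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
bool dec_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
long inc_rlimit_get_ucounts(struct ucounts *ucounts, enum rlimit_type type);
void dec_rlimit_put_ucounts(struct ucounts *ucounts, enum rlimit_type type);
bool is_rlimit_overlimit(struct ucounts *ucounts, enum rlimit_type type, unsigned long max);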
145 | |
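/*
 * Return the ceiling configured in @ns for rlimit @type.
 *
 * The value is read with READ_ONCE(), so the access is a single load that
 * the compiler may not tear or repeat. @ns must be non-NULL and @type below
 * UCOUNT_RLIMIT_COUNTS; neither is checked here.
 */
static inline long get_userns_rlimit_max(struct user_namespace *ns, enum rlimit_type type)
{
	return READ_ONCE(ns->rlimit_max[type]);
}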
150 | |
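/*
 * Set the ceiling of rlimit @type in @ns to @max, clamped to LONG_MAX.
 *
 * rlimit_max[] holds signed long values, so an unsigned @max above LONG_MAX
 * (such as an all-ones "unlimited" value) is stored as LONG_MAX instead of
 * turning into a negative ceiling. @ns must be non-NULL and @type below
 * UCOUNT_RLIMIT_COUNTS; neither is checked here.
 *
 * NOTE(review): the store is a plain assignment while
 * get_userns_rlimit_max() reads with READ_ONCE(). If a reader can run
 * concurrently with this setter, WRITE_ONCE() would be the matching
 * annotation -- confirm against the callers.
 */
static inline void set_userns_rlimit_max(struct user_namespace *ns,
		enum rlimit_type type, unsigned long max)
{
	ns->rlimit_max[type] = max <= LONG_MAX ? max : LONG_MAX;
}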
156 | |
157 | #ifdef CONFIG_USER_NS |
158 | |
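/*
 * Take an additional reference on @ns and return it; NULL is passed through.
 *
 * The increment is unconditional (refcount_inc(), not an inc-not-zero), so
 * the caller must already hold a reference or otherwise guarantee that @ns
 * cannot be freed while this runs. Each successful call must be balanced
 * by put_user_ns().
 */
static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
{
	if (ns)
		refcount_inc(&ns->ns.count);
	return ns;
}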
165 | |
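/*
 * Namespace creation and release entry points, implemented outside this
 * header. create_user_ns() and unshare_userns() return an int status that
 * callers must check (the !CONFIG_USER_NS stubs return 0 or -EINVAL).
 * __put_user_ns() is the last-reference path called by put_user_ns(); it is
 * not meant to be called directly while other references may exist.
 */
extern int create_user_ns(struct cred *new);
extern int unshare_userns(unsigned long unshare_flags, struct cred **new_cred);
extern void __put_user_ns(struct user_namespace *ns);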
169 | |
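/*
 * Drop one reference on @ns; NULL is ignored.
 *
 * When the count reaches zero, __put_user_ns() is called to release the
 * namespace. The caller must not touch @ns after this call, because it
 * cannot know whether its reference was the last one.
 */
static inline void put_user_ns(struct user_namespace *ns)
{
	if (ns && refcount_dec_and_test(&ns->ns.count))
		__put_user_ns(ns);
}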
175 | |
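/*
 * seq_file operations and write handlers for the ID-map and setgroups
 * files (presumably the per-process uid_map, gid_map, projid_map and
 * setgroups entries under /proc -- confirm at the definitions).
 * The write handlers receive a __user buffer: its contents and length come
 * from user space and have to be treated as untrusted by the implementation.
 */
struct seq_operations;
extern const struct seq_operations proc_uid_seq_operations;
extern const struct seq_operations proc_gid_seq_operations;
extern const struct seq_operations proc_projid_seq_operations;
extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
extern ssize_t proc_setgroups_write(struct file *, const char __user *, size_t, loff_t *);
extern int proc_setgroups_show(struct seq_file *m, void *v);

/*
 * Policy and hierarchy queries. Their results feed permission decisions,
 * so note that the !CONFIG_USER_NS stubs of the three bool functions always
 * return true. ns_get_owner() returns a pointer whose stub is an ERR_PTR,
 * so callers should test the result with IS_ERR() rather than against NULL.
 */
extern bool userns_may_setgroups(const struct user_namespace *ns);
extern bool in_userns(const struct user_namespace *ancestor,
		      const struct user_namespace *child);
extern bool current_in_userns(const struct user_namespace *target_ns);
struct ns_common *ns_get_owner(struct ns_common *ns);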
190 | #else |
191 | |
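/*
 * !CONFIG_USER_NS stub: always returns &init_user_ns.
 *
 * @ns is ignored (a NULL argument still yields a non-NULL result) and no
 * reference count is touched, unlike the CONFIG_USER_NS version.
 */
static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
{
	return &init_user_ns;
}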
196 | |
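/*
 * !CONFIG_USER_NS stub: creating a user namespace is not supported, so the
 * call always fails with -EINVAL and @new is left untouched.
 */
static inline int create_user_ns(struct cred *new)
{
	return -EINVAL;
}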
201 | |
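/*
 * !CONFIG_USER_NS stub: reject a request to unshare the user namespace.
 *
 * Returns -EINVAL when CLONE_NEWUSER is set in @unshare_flags and 0
 * otherwise. @new_cred is never written, so a caller that got 0 back must
 * not assume a credential was allocated.
 */
static inline int unshare_userns(unsigned long unshare_flags,
				 struct cred **new_cred)
{
	if (unshare_flags & CLONE_NEWUSER)
		return -EINVAL;
	return 0;
}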
209 | |
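/*
 * !CONFIG_USER_NS stub: nothing to release. The matching get_user_ns()
 * stub takes no reference, so dropping one is a no-op.
 */
static inline void put_user_ns(struct user_namespace *ns)
{
}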
213 | |
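/*
 * !CONFIG_USER_NS stub: always true. @ns is not inspected, so the answer
 * does not depend on any per-namespace flag in this configuration.
 */
static inline bool userns_may_setgroups(const struct user_namespace *ns)
{
	return true;
}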
218 | |
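/*
 * !CONFIG_USER_NS stub: always true. Neither argument is inspected;
 * presumably this holds because init_user_ns is the only user namespace
 * in this configuration.
 */
static inline bool in_userns(const struct user_namespace *ancestor,
			     const struct user_namespace *child)
{
	return true;
}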
224 | |
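/*
 * !CONFIG_USER_NS stub: always true. @target_ns is not inspected.
 */
static inline bool current_in_userns(const struct user_namespace *target_ns)
{
	return true;
}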
229 | |
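/*
 * !CONFIG_USER_NS stub: there is no owning user namespace to hand out.
 *
 * Returns ERR_PTR(-EPERM), never NULL and never a valid pointer, so the
 * result must be tested with IS_ERR() before it is dereferenced.
 */
static inline struct ns_common *ns_get_owner(struct ns_common *ns)
{
	return ERR_PTR(-EPERM);
}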
234 | #endif |
235 | |
236 | #endif /* _LINUX_USER_NAMESPACE_H */ |
237 | |